| |
| |||||||
Log-Analyse und Auswertung: Einschätzung otl-logWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
12.05.2011, 08:34
| #1 |
 |  Einschätzung otl-log Guten Morgen, ich hatte gestern einen trojaner-befall des typs "TR/Kazy.mekml.1". Nun habe ich, entsprechend der anleitung des forums, malewarebytes ausgeführt, und die infizierten datein gelöscht. außerdem habe ich otl.exe und unhide.exe laufen lassen. Nun wollte ich zunächst fragen, ob mir jemand ein kostenlose Lösung empfehlen kann, wie soetwas nicht mehr vorkommt. Außerdem wollte ich gerne wissen, ob die beiden logs von otl in ordnung sind, oder ich weitere schritte unternehmen muss. vielen dank schonmal im voraus. hier die otl.txtOTL Logfile: Code:
ATTFilter OTL logfile created on: 12.05.2011 08:12:59 - Run 1 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\\Desktop Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation Internet Explorer (Version = 7.0.6001.18000) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 48,00% Memory free 6,00 Gb Paging File | 4,00 Gb Available in Paging File | 70,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 144,09 Gb Total Space | 60,49 Gb Free Space | 41,98% Space Free | Partition Type: NTFS Drive D: | 144,00 Gb Total Space | 129,23 Gb Free Space | 89,75% Space Free | Partition Type: NTFS Computer Name: -PC | User Name: | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011.05.12 08:10:57 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\\Desktop\OTL.exe PRC - [2011.05.11 17:09:56 | 003,318,784 | -H-- | M] (Crawler.com) -- C:\Programme\Spyware Terminator\SpywareTerminatorUpdate.exe PRC - [2011.05.11 17:09:56 | 000,496,128 | -H-- | M] (Crawler.com) -- C:\Programme\Spyware Terminator\sp_rsser.exe PRC - [2011.04.30 14:08:41 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe PRC - [2011.03.19 18:22:23 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe PRC - [2011.02.18 17:49:27 | 000,634,648 | ---- | M] (Microsoft Corporation) -- C:\Programme\Internet Explorer\iexplore.exe PRC - [2010.12.10 18:30:50 | 000,086,880 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe PRC - [2010.12.10 18:29:30 | 000,238,944 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft SQL Server\90\Shared\sqlbrowser.exe PRC - [2010.11.14 18:50:30 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe PRC - [2010.09.06 18:56:38 | 000,247,096 | ---- | M] () -- C:\Programme\ICQ6Toolbar\ICQ Service.exe PRC - [2010.01.14 22:10:53 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe PRC - [2009.01.16 21:03:48 | 000,144,704 | ---- | M] (McAfee, Inc.) -- C:\Programme\McAfee\VirusScan\Mcshield.exe PRC - [2009.01.16 20:28:08 | 000,606,736 | ---- | M] (McAfee, Inc.) -- C:\Programme\McAfee\VirusScan\mcsysmon.exe PRC - [2009.01.09 14:48:02 | 000,884,360 | ---- | M] (McAfee, Inc.) -- C:\Programme\McAfee\MPF\MpfSrv.exe PRC - [2009.01.09 12:31:16 | 002,482,848 | ---- | M] (McAfee, Inc.) -- c:\Programme\Common Files\McAfee\MNA\McNASvc.exe PRC - [2009.01.09 09:06:52 | 000,359,952 | ---- | M] (McAfee, Inc.) -- c:\Programme\Common Files\McAfee\McProxy\McProxy.exe PRC - [2009.01.08 21:30:26 | 000,797,864 | ---- | M] (McAfee, Inc.) -- C:\Programme\McAfee\MSC\mcmscsvc.exe PRC - [2009.01.08 21:30:26 | 000,645,328 | ---- | M] (McAfee, Inc.) -- c:\Programme\McAfee.com\Agent\mcagent.exe PRC - [2008.10.29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2008.10.05 05:16:26 | 000,235,936 | R--- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil10a.exe PRC - [2008.05.23 07:11:56 | 000,819,200 | ---- | M] (Intel(R) Corporation) -- C:\Programme\Intel\WiFi\bin\EvtEng.exe PRC - [2008.05.23 06:43:52 | 000,466,944 | ---- | M] (Intel(R) Corporation) -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe PRC - [2008.05.22 10:33:54 | 000,688,128 | ---- | M] (SAMSUNG Electronics) -- C:\Programme\Samsung\Easy Display Manager\dmhkcore.exe PRC - [2008.05.13 02:13:28 | 000,085,672 | ---- | M] () -- C:\Programme\Samsung\Samsung Update Plus\SLUTrayNotifier.exe PRC - [2008.04.25 14:31:34 | 000,565,248 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Programme\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe PRC - [2008.04.17 08:26:46 | 000,352,256 | ---- | M] (SAMSUNG Electronics co., LTD.) -- C:\Programme\Samsung\EBM\EasyBatteryMgr3.exe PRC - [2008.04.17 04:50:00 | 006,111,232 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe PRC - [2008.01.21 04:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe PRC - [2008.01.21 04:25:33 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe PRC - [2008.01.21 04:24:49 | 000,299,520 | ---- | M] (Microsoft Corporation) -- C:\Programme\Internet Explorer\ieuser.exe PRC - [2008.01.21 04:23:29 | 001,233,920 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe PRC - [2008.01.16 10:51:44 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe PRC - [2008.01.16 10:37:38 | 000,031,248 | ---- | M] (Syntek America Inc.) -- C:\Windows\System32\StkCSrv.exe PRC - [2007.07.05 00:41:42 | 000,045,056 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Programme\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe PRC - [2006.10.26 13:40:34 | 000,335,872 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\VS7DEBUG\mdm.exe ========== Modules (SafeList) ========== MOD - [2011.05.12 08:10:57 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\\Desktop\OTL.exe MOD - [2010.08.31 17:39:57 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll ========== Win32 Services (SafeList) ========== SRV - [2011.05.11 17:09:56 | 000,496,128 | -H-- | M] (Crawler.com) [Auto | Running] -- C:\Program Files\Spyware Terminator\sp_rsser.exe -- (sp_rssrv) SRV - [2011.04.30 14:08:41 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2011.03.19 18:22:23 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2010.09.06 18:56:38 | 000,247,096 | ---- | M] () [Auto | Running] -- C:\Programme\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service) SRV - [2009.01.17 08:33:02 | 000,365,072 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Programme\McAfee\VirusScan\mcods.exe -- (McODS) SRV - [2009.01.16 21:03:48 | 000,144,704 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Programme\McAfee\VirusScan\Mcshield.exe -- (McShield) SRV - [2009.01.16 20:28:08 | 000,606,736 | ---- | M] (McAfee, Inc.) [On_Demand | Running] -- C:\Programme\McAfee\VirusScan\mcsysmon.exe -- (McSysmon) SRV - [2009.01.09 14:48:02 | 000,884,360 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MPF\MPFSrv.exe -- (MpfService) SRV - [2009.01.09 12:31:16 | 002,482,848 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Programme\Common Files\McAfee\MNA\McNASvc.exe -- (McNASvc) SRV - [2009.01.09 09:06:52 | 000,359,952 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Programme\Common Files\McAfee\McProxy\McProxy.exe -- (McProxy) SRV - [2009.01.08 21:30:26 | 000,797,864 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Programme\McAfee\MSC\mcmscsvc.exe -- (mcmscsvc) SRV - [2008.05.23 07:11:56 | 000,819,200 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) SRV - [2008.05.23 06:43:52 | 000,466,944 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) SRV - [2008.05.13 01:47:20 | 000,077,480 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe -- (Samsung Update Plus) SRV - [2008.01.21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2008.01.16 10:51:44 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc) SRV - [2008.01.16 10:37:38 | 000,031,248 | ---- | M] (Syntek America Inc.) [Auto | Running] -- C:\Windows\System32\StkCSrv.exe -- (StkSSrv) ========== Driver Services (SafeList) ========== DRV - [2011.05.11 17:09:56 | 000,142,592 | -H-- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\sp_rsdrv2.sys -- (sp_rsdrv2) DRV - [2011.03.19 18:22:24 | 000,137,656 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb) DRV - [2010.11.24 16:25:52 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt) DRV - [2009.05.11 10:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2009.01.09 13:03:40 | 000,213,640 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mfehidk.sys -- (mfehidk) DRV - [2009.01.09 13:03:40 | 000,079,304 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfeavfk.sys -- (mfeavfk) DRV - [2009.01.09 13:03:40 | 000,040,552 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfesmfk.sys -- (mfesmfk) DRV - [2009.01.09 13:03:40 | 000,035,272 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfebopk.sys -- (mfebopk) DRV - [2009.01.09 13:03:06 | 000,034,216 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mferkdk.sys -- (mferkdk) DRV - [2008.12.31 17:29:08 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd) DRV - [2008.10.23 14:08:54 | 000,130,424 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\Mpfp.sys -- (MPFP) DRV - [2008.06.25 07:26:34 | 000,013,312 | ---- | M] (SAMSUNG ELECTRONICS CO., LTD.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\KMDFMEMIO.sys -- (KMDFMEMIO) DRV - [2008.06.09 00:23:00 | 007,522,624 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2008.05.20 21:36:12 | 003,663,360 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Intel(R) DRV - [2008.05.08 11:51:18 | 000,226,328 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\iaNvStor.sys -- (iaNvStor) Intel(R) DRV - [2008.03.28 12:19:54 | 001,363,088 | ---- | M] (Syntek) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\StkCMini.sys -- (StkCMini) DRV - [2008.01.21 04:23:21 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice) DRV - [2008.01.21 04:23:20 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel(R) DRV - [2007.12.04 18:10:30 | 000,016,640 | ---- | M] (PalmSource, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PalmUSBD.sys -- (PalmUSBD) DRV - [2006.11.28 09:11:00 | 001,161,888 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem) DRV - [2006.11.02 09:30:53 | 000,045,056 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\bcm4sbxp.sys -- (bcm4sbxp) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\www.samsungcomputer.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\www.samsungcomputer.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "ICQ Search" FF - prefs.js..browser.search.defaultthis.engineName: "Search" FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.startup.homepage: "https://webmail.eva.mpg.de/ox6/ox.html" FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.3.0.7280 FF - prefs.js..extensions.enabledItems: {C3B2959E-301D-47E5-A440-2C797569D4F6}:1.9.1 FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.04.30 18:42:16 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.04.30 18:42:16 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.2\extensions\\Components: D:\components [2011.03.05 13:43:34 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.2\extensions\\Plugins: D:\plugins [2011.04.12 09:12:07 | 000,000,000 | ---D | M] [2010.02.26 01:23:02 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Jan\AppData\Roaming\mozilla\Extensions [2010.02.26 01:23:02 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Jan\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2011.04.15 08:53:08 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Jan\AppData\Roaming\mozilla\Firefox\Profiles\psm38bn6.default\extensions [2011.04.15 08:50:53 | 000,000,873 | -H-- | M] () -- C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\psm38bn6.default\searchplugins\conduit.xml [2011.05.09 19:13:45 | 000,000,950 | -H-- | M] () -- C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\psm38bn6.default\searchplugins\icqplugin-1.xml [2009.05.06 10:11:58 | 000,000,950 | -H-- | M] () -- C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\psm38bn6.default\searchplugins\icqplugin-2.xml [2009.05.16 01:37:22 | 000,000,950 | -H-- | M] () -- C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\psm38bn6.default\searchplugins\icqplugin-3.xml [2009.06.24 09:30:06 | 000,000,950 | -H-- | M] () -- C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\psm38bn6.default\searchplugins\icqplugin-4.xml [2010.06.21 16:35:24 | 000,001,042 | -H-- | M] () -- C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\psm38bn6.default\searchplugins\icqplugin.xml [2011.05.10 08:41:37 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2009.03.19 09:35:13 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2011.05.10 08:41:37 | 000,000,000 | ---D | M] (Skype extension) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2010.02.25 11:47:46 | 000,000,000 | ---D | M] ("Citavi Picker") -- C:\Programme\Mozilla Firefox\extensions\{8AA36F4F-6DC7-4c06-77AF-5035170634FE} [2011.05.10 08:41:37 | 000,000,000 | ---D | M] (Skype extension) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2009.05.27 20:03:20 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} [2011.05.11 14:51:26 | 000,000,000 | -H-D | M] (XULRunner) -- C:\USERS\JAN\APPDATA\LOCAL\{C3B2959E-301D-47E5-A440-2C797569D4F6} [2011.01.21 12:04:24 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml [2011.01.21 12:04:24 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml [2011.01.21 12:04:24 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml [2011.01.21 12:04:24 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml [2011.01.21 12:04:24 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\Programme\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.) O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {472734EA-242A-422B-ADF8-83D1E48CC825} - No CLSID value found. O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKCU..\Run: [Bdidomurediqatar] File not found O4 - HKCU..\Run: [Hwefutiyayiyoh] File not found O4 - HKCU..\Run: [SpywareTerminatorUpdate] C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe (Crawler.com) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present O8 - Extra context menu item: &Citavi Picker... - C:\Program Files\Internet Explorer\PLUGINS\Citavi Picker\ShowContextMenu.html () O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.) O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Jan\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - D:\\PartyPoker\RunApp.exe () O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - D:\\PartyPoker\RunApp.exe () O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O15 - HKCU\..Trusted Domains: ebay.de ([www] https in Vertrauenswürdige Sites) O15 - HKCU\..Trusted Domains: eintracht-schkeuditz.de ([www] https in Vertrauenswürdige Sites) O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab (DivXBrowserPlugin Object) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} hxxp://icq.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab (Oberon Flash Game Host) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 83.169.186.225 192.168.0.1 O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Programme\Common Files\microsoft shared\Web Folders\PKMCDO.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Common Files\microsoft shared\Web Components\10\OWC10.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2007.12.07 17:27:18 | 000,077,893 | ---- | M] (Palm, Inc.) - D:\AutoDetect.dll -- [ NTFS ] O33 - MountPoints2\{5ed792f1-e56e-11dd-b592-001377aa169b}\Shell - "" = AutoRun O33 - MountPoints2\{5ed792f1-e56e-11dd-b592-001377aa169b}\Shell\AutoRun\command - "" = H:\autorun.exe O33 - MountPoints2\{f741a02b-d74f-11dd-aa8d-001377aa169b}\Shell - "" = AutoRun O33 - MountPoints2\{f741a02b-d74f-11dd-aa8d-001377aa169b}\Shell\AutoRun\command - "" = F:\autorun.exe O33 - MountPoints2\H\Shell - "" = AutoRun O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\autorun.exe O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - File not found NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^BTTray.lnk - C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe - (Broadcom Corporation.) MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HotSync Manager.lnk - D:\Hotsync.exe - (PalmSource, Inc) MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk - C:\Programme\Microsoft Office\Office10\OSA.EXE - (Microsoft Corporation) MsConfig - StartUpFolder: C:^Users^Jan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^PowerReg Scheduler.exe - - File not found MsConfig - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) MsConfig - StartUpReg: ICQ - hkey= - key= - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.) MsConfig - StartUpReg: mcagent_exe - hkey= - key= - C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.) MsConfig - StartUpReg: NvMediaCenter - hkey= - key= - File not found MsConfig - StartUpReg: Sidebar - hkey= - key= - C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) MsConfig - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.) MsConfig - StartUpReg: SynTPEnh - hkey= - key= - C:\Programme\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.) MsConfig - State: "startup" - 2 SafeBootMin: AppMgmt - Service SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: mcmscsvc - C:\Programme\McAfee\MSC\mcmscsvc.exe (McAfee, Inc.) SafeBootMin: MCODS - C:\Programme\McAfee\VirusScan\mcods.exe (McAfee, Inc.) SafeBootMin: NTDS - File not found SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: AppMgmt - Service SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: mcmscsvc - C:\Programme\McAfee\MSC\mcmscsvc.exe (McAfee, Inc.) SafeBootNet: MCODS - C:\Programme\McAfee\VirusScan\mcods.exe (McAfee, Inc.) SafeBootNet: Messenger - File not found SafeBootNet: MpfService - C:\Program Files\McAfee\MPF\MPFSrv.exe (McAfee, Inc.) SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: NTDS - File not found SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0 ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Webordner ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1 ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation) Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.) Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.) Drivers32: VIDC.I420 - MSh263.drv File not found Drivers32: vidc.yv12 - C:\Windows\System32\DivX.dll (DivX, Inc.) CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2011.05.12 08:10:44 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Jan\Desktop\OTL.exe [2011.05.11 22:23:21 | 000,000,000 | ---D | C] -- C:\Users\\AppData\Roaming\Malwarebytes [2011.05.11 22:23:14 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2011.05.11 22:23:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2011.05.11 22:23:06 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2011.05.11 22:23:06 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware [2011.05.11 22:18:42 | 007,734,208 | -H-- | C] (Malwarebytes Corporation ) -- C:\Users\\mbam-setup.exe [2011.05.11 17:09:55 | 000,000,000 | -H-D | C] -- C:\Users\\AppData\Roaming\Spyware Terminator [2011.05.11 17:09:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spyware Terminator [2011.05.11 17:09:38 | 000,000,000 | -H-D | C] -- C:\ProgramData\Spyware Terminator [2011.05.11 17:09:37 | 000,000,000 | -H-D | C] -- C:\Programme\Spyware Terminator [2011.05.11 16:58:23 | 000,000,000 | -H-D | C] -- C:\ProgramData\WindowsSearch [2011.05.11 14:51:26 | 000,000,000 | -H-D | C] -- C:\Users\\AppData\Local\{C3B2959E-301D-47E5-A440-2C797569D4F6} [2011.05.10 08:41:38 | 000,000,000 | -H-D | C] -- C:\ProgramData\Skype Extras [2011.05.10 08:41:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2011.05.10 08:41:07 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Skype [2011.05.02 09:22:33 | 000,000,000 | -H-D | C] -- C:\Users\\Desktop\korrekturen ma [2011.04.30 18:41:35 | 000,000,000 | -H-D | C] -- C:\Users\\Desktop\Abschlussprüfung [2006.11.24 07:14:44 | 000,139,264 | ---- | C] ( ) -- C:\Windows\System32\MACSSDK_wiz.dll [2006.11.24 07:14:44 | 000,126,976 | ---- | C] ( ) -- C:\Windows\System32\MACSSDK.dll ========== Files - Modified Within 30 Days ========== [2011.05.12 08:10:57 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\\Desktop\OTL.exe [2011.05.12 08:03:44 | 000,028,389 | ---- | M] () -- C:\Windows\System32\Config.MPF [2011.05.12 08:02:47 | 000,004,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2011.05.12 08:02:46 | 000,004,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2011.05.12 08:02:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011.05.12 08:02:29 | 3215,577,088 | -HS- | M] () -- C:\hiberfil.sys [2011.05.12 00:34:11 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat [2011.05.11 22:18:53 | 007,734,208 | -H-- | M] (Malwarebytes Corporation ) -- C:\Users\\mbam-setup.exe [2011.05.11 21:22:09 | 000,000,120 | -H-- | M] () -- C:\Users\\AppData\Local\Tjavecus.dat [2011.05.11 18:00:03 | 000,000,440 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Registration3.job [2011.05.11 18:00:03 | 000,000,438 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Registration.job [2011.05.11 17:09:56 | 000,142,592 | -H-- | M] () -- C:\Windows\System32\drivers\sp_rsdrv2.sys [2011.05.11 15:36:12 | 000,000,414 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{6565CC11-F566-40F1-8341-08DFD6DF742B}.job [2011.05.11 14:51:27 | 000,000,000 | -H-- | M] () -- C:\Users\\AppData\Local\Ixuyefub.bin [2011.05.11 14:49:22 | 000,000,000 | -H-- | M] () -- C:\Users\\2gweorjqjutp92vjy9gake [2011.05.11 13:57:43 | 000,257,475 | -H-- | M] () -- C:\ProgramData\nvModes.dat [2011.05.11 13:57:43 | 000,257,475 | -H-- | M] () -- C:\ProgramData\nvModes.001 [2011.05.05 12:01:48 | 000,770,571 | -H-- | M] () -- C:\Users\\Desktop [2011.05.02 09:24:28 | 000,686,620 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2011.05.02 09:24:28 | 000,643,612 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011.05.02 09:24:28 | 000,150,888 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2011.05.02 09:24:28 | 000,122,500 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011.04.26 15:52:48 | 000,132,642 | -H-- | M] () -- C:\Users\\Desktop\Cooperation in Chimpanzees.pdf [2011.04.16 15:04:52 | 000,373,016 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2011.04.15 14:02:55 | 000,049,866 | -H-- | M] () -- C:\Users\\Desktop\ ========== Files Created - No Company Name ========== [2011.05.11 21:59:04 | 3215,577,088 | -HS- | C] () -- C:\hiberfil.sys [2011.05.11 17:09:56 | 000,142,592 | -H-- | C] () -- C:\Windows\System32\drivers\sp_rsdrv2.sys [2011.05.11 14:51:27 | 000,000,120 | -H-- | C] () -- C:\Users\\AppData\Local\Tjavecus.dat [2011.05.11 14:51:27 | 000,000,000 | -H-- | C] () -- C:\Users\\AppData\Local\Ixuyefub.bin [2011.05.11 14:49:22 | 000,000,000 | -H-- | C] () -- C:\Users\\2gweorjqjutp92vjy9gake [2011.05.05 12:01:45 | 000,770,571 | -H-- | C] () -- C:\Users\\Desktop\gesamtes Dokument_umstrukturiert_kompatibel_1.pdf [2011.04.26 15:52:47 | 000,132,642 | -H-- | C] () -- C:\Users\\Desktop\Cooperation in Chimpanzees.pdf [2011.04.15 14:02:55 | 000,049,866 | -H-- | C] () -- C:\Users\\Desktop\Aushang_Prferzuordnung_2011-04-14.pdf [2010.07.15 22:48:37 | 000,000,000 | -H-- | C] () -- C:\Users\\AppData\Local\aveficawajurija.dll [2010.07.15 16:50:39 | 000,000,000 | -H-- | C] () -- C:\Users\\AppData\Local\udacubuwo.dll [2010.07.15 01:40:39 | 000,000,000 | -H-- | C] () -- C:\Users\\AppData\Local\igudonotudokawas.dll [2010.07.14 23:38:39 | 000,000,000 | -H-- | C] () -- C:\Users\\AppData\Local\useficaw.dll [2010.07.14 21:36:38 | 000,000,000 | -H-- | C] () -- C:\Users\\AppData\Local\adavupilidar.dll [2010.07.14 19:34:37 | 000,000,000 | -H-- | C] () -- C:\Users\\AppData\Local\awoyafisequpal.dll [2010.07.14 12:06:18 | 000,000,000 | -H-- | C] () -- C:\Users\\AppData\Local\osemowemowemo.dll [2010.07.14 10:04:15 | 000,000,000 | -H-- | C] () -- C:\Users\\AppData\Local\obuzuquf.dll [2010.07.14 00:14:00 | 000,000,000 | -H-- | C] () -- C:\Users\\AppData\Local\enizevuladiwoxew.dll [2010.07.13 22:12:00 | 000,000,000 | -H-- | C] () -- C:\Users\\AppData\Local\iveladolequfiraw.dll [2010.07.13 17:34:21 | 000,000,000 | -H-- | C] () -- C:\Users\\AppData\Local\unidicuvuh.dll [2010.07.13 09:03:06 | 000,000,000 | -H-- | C] () -- C:\Users\\AppData\Local\eyihurozecec.dll [2010.07.12 23:52:38 | 000,000,000 | -H-- | C] () -- C:\Users\\AppData\Local\onunagogutagesa.dll [2010.07.12 21:50:38 | 000,000,000 | -H-- | C] () -- C:\Users\\AppData\Local\elutulivihan.dll [2010.07.12 19:48:40 | 000,000,000 | -H-- | C] () -- C:\Users\\AppData\Local\uwuninozumah.dll [2010.07.12 18:17:20 | 000,000,000 | -H-- | C] () -- C:\Users\\AppData\Local\ogoqubef.dll [2010.07.12 13:21:56 | 000,000,000 | -H-- | C] () -- C:\Users\\AppData\Local\orayuliw.dll [2010.07.12 11:19:57 | 000,000,000 | -H-- | C] () -- C:\Users\\AppData\Local\uxesukas.dll [2010.07.12 07:15:58 | 000,000,000 | -H-- | C] () -- C:\Users\\AppData\Local\ezojatazalebinur.dll [2010.07.12 00:24:32 | 000,000,000 | -H-- | C] () -- C:\Users\\AppData\Local\etoyojomuc.dll [2010.07.11 22:22:31 | 000,000,000 | -H-- | C] () -- C:\Users\\AppData\Local\osetufumul.dll [2010.07.11 20:20:32 | 000,000,000 | -H-- | C] () -- C:\Users\\AppData\Local\uzabeguy.dll [2010.07.11 18:18:35 | 000,000,000 | -H-- | C] () -- C:\Users\\AppData\Local\afejilil.dll [2010.07.11 09:58:47 | 000,000,000 | -H-- | C] () -- C:\Users\\AppData\Local\etosonocesofihut.dll [2010.07.11 07:56:48 | 000,000,000 | -H-- | C] () -- C:\Users\\AppData\Local\ajazavoh.dll [2010.07.11 05:54:48 | 000,000,000 | -H-- | C] () -- C:\Users\\AppData\Local\ivobeyitamewiga.dll [2010.07.10 20:32:05 | 000,000,000 | -H-- | C] () -- C:\Users\\AppData\Local\oyemexizodulip.dll [2010.07.10 18:30:13 | 000,000,000 | -H-- | C] () -- C:\Users\\AppData\Local\ufolikolakefuper.dll [2010.07.10 12:44:04 | 000,000,000 | -H-- | C] () -- C:\Users\\AppData\Local\ihomucorojewujo.dll [2010.07.10 10:53:23 | 000,000,000 | -H-- | C] () -- C:\Users\\AppData\Local\ociliyojoqo.dll [2010.04.30 11:28:53 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat [2010.04.26 22:40:05 | 000,000,032 | --S- | C] () -- C:\Users\\AppData\Local\886739347.dat [2009.05.29 18:57:21 | 000,001,372 | ---- | C] () -- C:\Windows\System32\dmlg.dat [2009.05.23 13:27:53 | 000,001,024 | -H-- | C] () -- C:\Windows\System32\grcauth2.dll [2009.05.23 13:27:53 | 000,001,024 | -H-- | C] () -- C:\Windows\System32\grcauth1.dll [2009.05.23 13:27:53 | 000,000,100 | -H-- | C] () -- C:\Windows\System32\prsgrc.dll [2009.05.23 13:20:31 | 000,001,025 | ---- | C] () -- C:\Windows\System32\sysprs7.dll [2009.05.23 13:20:31 | 000,000,205 | ---- | C] () -- C:\Windows\System32\lsprst7.dll [2009.05.22 12:19:15 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI [2008.12.25 00:45:54 | 000,027,648 | -H-- | C] () -- C:\Users\\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2008.12.24 19:07:21 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin [2008.12.24 19:07:21 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin [2008.06.26 13:37:16 | 000,686,620 | ---- | C] () -- C:\Windows\System32\perfh007.dat [2008.06.26 13:37:16 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat [2008.06.26 13:37:16 | 000,150,888 | ---- | C] () -- C:\Windows\System32\perfc007.dat [2008.06.26 13:37:16 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat [2008.06.26 13:26:52 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll [2008.06.25 23:08:18 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat [2008.06.25 07:48:51 | 000,000,684 | ---- | C] () -- C:\Windows\HotFixList.ini [2008.06.25 07:36:36 | 000,257,475 | -H-- | C] () -- C:\ProgramData\nvModes.001 [2008.06.25 07:36:12 | 000,257,475 | -H-- | C] () -- C:\ProgramData\nvModes.dat [2008.06.25 07:30:52 | 000,307,200 | ---- | C] () -- C:\Windows\SetDisplayResolution.exe [2008.06.25 07:30:30 | 000,000,135 | R--- | C] () -- C:\Windows\System32\lngEng.ini [2008.06.25 07:30:30 | 000,000,117 | ---- | C] () -- C:\Windows\System32\lngKor.ini [2008.06.25 07:23:34 | 000,172,032 | ---- | C] () -- C:\Windows\System32\nvccoin.dll [2008.06.25 07:22:17 | 000,080,400 | ---- | C] () -- C:\Windows\StkUnist.exe [2008.06.25 07:22:16 | 000,197,648 | ---- | C] () -- C:\Windows\System32\drivers\StkCSF.sys [2008.06.25 07:18:10 | 000,040,960 | ---- | C] () -- C:\Windows\System32\IhDEV.exe [2008.06.25 07:18:10 | 000,024,576 | ---- | C] () -- C:\Windows\System32\IhINF.exe [2008.02.09 18:03:07 | 000,024,576 | ---- | C] () -- C:\Windows\System32\drivers\Marker.exe [2007.02.26 09:49:12 | 006,139,774 | ---- | C] () -- C:\Windows\System32\imagine digital freedom.dat [2007.02.15 09:51:02 | 000,274,432 | ---- | C] () -- C:\Windows\System32\NDADLL.dll [2006.11.29 10:00:30 | 000,045,056 | ---- | C] () -- C:\Windows\System32\MAWebControl.exe [2006.11.29 10:00:28 | 000,307,200 | ---- | C] () -- C:\Windows\System32\LDBGenWizView.dll [2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2006.11.02 14:47:37 | 000,373,016 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006.11.02 12:33:01 | 000,643,612 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2006.11.02 12:33:01 | 000,122,500 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2006.11.02 12:25:21 | 000,061,440 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll [2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat [2006.10.09 03:01:28 | 000,061,440 | ---- | C] () -- C:\Windows\System32\AVSAudioWideStereoDMO.dll [2001.11.14 05:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll ========== LOP Check ========== [2010.02.25 12:37:24 | 000,000,000 | -H-D | M] -- C:\Users\\AppData\Roaming\Academic Software Zurich [2009.06.07 17:37:05 | 000,000,000 | -H-D | M] -- C:\Users\\AppData\Roaming\Bullzip [2010.12.02 14:29:54 | 000,000,000 | -H-D | M] -- C:\Users\\AppData\Roaming\Canneverbe Limited [2008.12.31 17:28:40 | 000,000,000 | -H-D | M] -- C:\Users\\AppData\Roaming\DAEMON Tools [2011.05.12 00:29:24 | 000,000,000 | -H-D | M] -- C:\Users\\AppData\Roaming\Desktopicon [2009.01.26 18:01:53 | 000,000,000 | -H-D | M] -- C:\Users\\AppData\Roaming\DriverCure [2011.03.04 12:20:15 | 000,000,000 | -H-D | M] -- C:\Users\\AppData\Roaming\DVDVideoSoftIEHelpers [2010.03.22 14:18:41 | 000,000,000 | -H-D | M] -- C:\Users\\AppData\Roaming\HotSync [2011.05.11 15:13:09 | 000,000,000 | -H-D | M] -- C:\Users\\AppData\Roaming\ICQ [2009.06.24 18:31:20 | 000,000,000 | -H-D | M] -- C:\Users\\AppData\Roaming\Leadertech [2010.04.30 11:59:55 | 000,000,000 | -HSD | M] -- C:\Users\\AppData\Roaming\lowsec [2011.05.11 21:27:04 | 000,000,000 | -H-D | M] -- C:\Users\\AppData\Roaming\Spyware Terminator [2010.02.26 01:22:55 | 000,000,000 | -H-D | M] -- C:\Users\AppData\Roaming\Thunderbird [2009.07.06 17:19:17 | 000,000,000 | -H-D | M] -- C:\Users\\AppData\Roaming\Toolbars [2009.06.28 22:13:39 | 000,000,000 | -H-D | M] -- C:\Users\\AppData\Roaming\VoipDiscount [2010.12.01 14:26:37 | 000,000,376 | ---- | M] () -- C:\Windows\Tasks\DriverCure.job [2010.07.15 01:00:00 | 000,000,372 | ---- | M] () -- C:\Windows\Tasks\McDefragTask.job [2010.12.01 02:00:00 | 000,000,348 | ---- | M] () -- C:\Windows\Tasks\McQcTask.job [2011.05.11 18:00:03 | 000,000,438 | ---- | M] () -- C:\Windows\Tasks\ParetoLogic Registration.job [2011.05.11 18:00:03 | 000,000,440 | ---- | M] () -- C:\Windows\Tasks\ParetoLogic Registration3.job [2010.11.30 02:47:04 | 000,000,412 | ---- | M] () -- C:\Windows\Tasks\ParetoLogic Update Version2.job [2011.05.12 00:34:11 | 000,032,628 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2011.05.11 15:36:12 | 000,000,414 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{6565CC11-F566-40F1-8341-08DFD6DF742B}.job ========== Purity Check ========== ========== Custom Scans ========== < %ALLUSERSPROFILE%\Application Data\*. > < %ALLUSERSPROFILE%\Application Data\*.exe /s > < %APPDATA%\*. > [2010.02.25 12:37:24 | 000,000,000 | -H-D | M] -- C:\Users\\AppData\Roaming\Academic Software Zurich [2011.05.11 14:49:22 | 000,000,000 | -H-D | M] -- C:\Users\\AppData\Roaming\Adobe [2011.02.09 13:15:42 | 000,000,000 | -H-D | M] -- C:\Users\\AppData\Roaming\Apple Computer [2009.06.24 18:34:30 | 000,000,000 | -H-D | M] -- C:\Users\\AppData\Roaming\Arcsoft [2010.04.30 12:01:13 | 000,000,000 | -H-D | M] -- C:\Users\\AppData\Roaming\Avira [2009.06.07 17:37:05 | 000,000,000 | -H-D | M] -- C:\Users\\AppData\Roaming\Bullzip [2010.12.02 14:29:54 | 000,000,000 | -H-D | M] -- C:\Users\\AppData\Roaming\Canneverbe Limited [2008.12.31 17:28:40 | 000,000,000 | -H-D | M] -- C:\Users\\AppData\Roaming\DAEMON Tools [2011.05.12 00:29:24 | 000,000,000 | -H-D | M] -- C:\Users\\AppData\Roaming\Desktopicon [2010.05.24 17:09:00 | 000,000,000 | -H-D | M] -- C:\Users\\AppData\Roaming\DivX [2009.01.26 18:01:53 | 000,000,000 | -H-D | M] -- C:\Users\\AppData\Roaming\DriverCure [2011.01.10 23:11:56 | 000,000,000 | -H-D | M] -- C:\Users\\AppData\Roaming\dvdcss [2011.03.04 12:20:15 | 000,000,000 | -H-D | M] -- C:\Users\\AppData\Roaming\DVDVideoSoftIEHelpers [2010.03.22 14:18:41 | 000,000,000 | -H-D | M] -- C:\Users\\AppData\Roaming\HotSync [2011.05.11 15:13:09 | 000,000,000 | -H-D | M] -- C:\Users\\AppData\Roaming\ICQ [2008.12.24 18:12:25 | 000,000,000 | -H-D | M] -- C:\Users\\AppData\Roaming\Identities [2010.02.08 10:27:32 | 000,000,000 | -H-D | M] -- C:\Users\\AppData\Roaming\Intel [2009.06.24 18:31:20 | 000,000,000 | -H-D | M] -- C:\Users\\AppData\Roaming\Leadertech [2010.04.30 11:59:55 | 000,000,000 | -HSD | M] -- C:\Users\\AppData\Roaming\lowsec [2008.12.24 18:34:23 | 000,000,000 | -H-D | M] -- C:\Users\\AppData\Roaming\Macromedia [2011.05.11 22:23:21 | 000,000,000 | ---D | M] -- C:\Users\\AppData\Roaming\Malwarebytes [2006.11.02 14:37:34 | 000,000,000 | -H-D | M] -- C:\Users\\AppData\Roaming\Media Center Programs [2011.01.11 11:06:44 | 000,000,000 | --SD | M] -- C:\Users\\AppData\Roaming\Microsoft [2009.01.04 15:20:21 | 000,000,000 | -H-D | M] -- C:\Users\\AppData\Roaming\Mozilla [2010.06.01 19:41:58 | 000,000,000 | -H-D | M] -- C:\Users\\AppData\Roaming\Mozilla-Cache [2011.05.11 15:38:24 | 000,000,000 | -H-D | M] -- C:\Users\\AppData\Roaming\Skype [2011.05.11 15:37:54 | 000,000,000 | -H-D | M] -- C:\Users\\AppData\Roaming\skypePM [2011.05.11 21:27:04 | 000,000,000 | -H-D | M] -- C:\Users\\AppData\Roaming\Spyware Terminator [2010.02.26 01:22:55 | 000,000,000 | -H-D | M] -- C:\Users\\AppData\Roaming\Thunderbird [2009.07.06 17:19:17 | 000,000,000 | -H-D | M] -- C:\Users\\AppData\Roaming\Toolbars [2009.01.16 00:02:55 | 000,000,000 | -H-D | M] -- C:\Users\\AppData\Roaming\vlc [2009.06.28 22:13:39 | 000,000,000 | -H-D | M] -- C:\Users\\AppData\Roaming\VoipDiscount [2009.01.26 18:06:13 | 000,000,000 | -H-D | M] -- C:\Users\\AppData\Roaming\WinRAR < %APPDATA%\*.exe /s > [2009.01.14 22:31:29 | 001,887,176 | -H-- | M] (Adobe Systems Incorporated) -- C:\Users\***\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe [2011.02.14 13:42:14 | 002,832,544 | -H-- | M] (Adobe Systems, Inc.) -- C:\Users\Jan\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\fpupdatepl\fpupdatepl.exe [2009.06.24 18:26:34 | 000,045,056 | RH-- | M] (InstallShield Software Corp.) -- C:\Users\***\AppData\Roaming\Microsoft\Installer\{B1D78321-7AB1-45A7-A084-885AF75B8F3D}\BluetoothShortcut.exe [2009.06.24 18:26:34 | 000,045,056 | RH-- | M] (InstallShield Software Corp.) -- C:\Users\***\AppData\Roaming\Microsoft\Installer\{B1D78321-7AB1-45A7-A084-885AF75B8F3D}\BluetoothShortcut_ITA.exe [2009.06.24 18:26:34 | 000,045,056 | RH-- | M] (InstallShield Software Corp.) -- C:\Users\***\AppData\Roaming\Microsoft\Installer\{B1D78321-7AB1-45A7-A084-885AF75B8F3D}\NewShortcut5.exe [2009.06.24 18:26:34 | 000,045,056 | RH-- | M] (InstallShield Software Corp.) -- C:\Users\***\AppData\Roaming\Microsoft\Installer\{B1D78321-7AB1-45A7-A084-885AF75B8F3D}\NewShortcut5_2.exe [2009.06.24 18:26:34 | 000,045,056 | RH-- | M] (InstallShield Software Corp.) -- C:\Users\***\AppData\Roaming\Microsoft\Installer\{B1D78321-7AB1-45A7-A084-885AF75B8F3D}\NewShortcut8.exe < %SYSTEMDRIVE%\*.exe > < MD5 for: AGP440.SYS > [2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys [2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys [2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys [2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys [2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys < MD5 for: ATAPI.SYS > [2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys [2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\drivers\atapi.sys [2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys [2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys [2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys < MD5 for: CNGAUDIT.DLL > [2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll [2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll < MD5 for: IASTOR.SYS > [2008.05.07 10:40:02 | 000,317,976 | ---- | M] (Intel Corporation) MD5=80C633722DA72E97F3F5B3B11325696D -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_1ab0331f\iaStor.sys [2008.06.16 14:38:28 | 000,396,312 | ---- | M] (Intel Corporation) MD5=DB0C1076AB442C09D2A3AB0410DBEA0D -- C:\Programme\Intel\Intel Matrix Storage Manager\driver64\IaStor.sys [2008.06.16 14:38:10 | 000,318,488 | ---- | M] (Intel Corporation) MD5=F263A9036F8897FFA2AE54685E03AD60 -- C:\Programme\Intel\Intel Matrix Storage Manager\driver\IaStor.sys [2008.06.16 14:38:10 | 000,318,488 | ---- | M] (Intel Corporation) MD5=F263A9036F8897FFA2AE54685E03AD60 -- C:\Windows\System32\drivers\iaStor.sys [2008.06.16 14:38:10 | 000,318,488 | ---- | M] (Intel Corporation) MD5=F263A9036F8897FFA2AE54685E03AD60 -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_3506096f\iaStor.sys < MD5 for: IASTORV.SYS > [2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys [2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys [2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys [2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys < MD5 for: NETLOGON.DLL > [2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll [2008.01.21 04:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\System32\netlogon.dll [2008.01.21 04:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll < MD5 for: NVSTOR.SYS > [2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys [2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys [2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys [2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys < MD5 for: SCECLI.DLL > [2008.01.21 04:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\System32\scecli.dll [2008.01.21 04:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll [2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll < MD5 for: USER32.DLL > [2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) MD5=75510147B94598407666F4802797C75A -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll [2008.01.21 04:24:21 | 000,627,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll [2008.01.21 04:24:21 | 000,627,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll < MD5 for: USERINIT.EXE > [2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe [2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe < MD5 for: WININIT.EXE > [2008.01.21 04:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\System32\wininit.exe [2008.01.21 04:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe < MD5 for: WINLOGON.EXE > [2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe [2008.01.21 04:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\System32\winlogon.exe [2008.01.21 04:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe < MD5 for: WS2IFSL.SYS > [2008.01.21 04:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\System32\drivers\ws2ifsl.sys [2008.01.21 04:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys < %systemroot%\system32\drivers\*.sys /lockedfiles > [2008.12.31 17:29:08 | 000,717,296 | ---- | M] () Unable to obtain MD5 -- C:\Windows\System32\drivers\sptd.sys < %systemroot%\System32\config\*.sav > [2008.01.21 05:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV [2008.01.21 05:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV [2008.01.21 05:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV [2006.11.02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV [2006.11.02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > [2008.01.21 04:24:26 | 000,347,136 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtmsft.dll [2008.01.21 04:24:26 | 000,214,528 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtrans.dll [2011.02.18 17:45:03 | 000,193,024 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\iepeers.dll < > ========== Alternate Data Streams ========== @Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:DFC5A2B2 @Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:A8ADE5D8 < End of report > und die extras.txtOTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 12.05.2011 08:12:59 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 48,00% Memory free
6,00 Gb Paging File | 4,00 Gb Available in Paging File | 70,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 144,09 Gb Total Space | 60,49 Gb Free Space | 41,98% Space Free | Partition Type: NTFS
Drive D: | 144,00 Gb Total Space | 129,23 Gb Free Space | 89,75% Space Free | Partition Type: NTFS
Computer Name: JAN-PC | User Name: Jan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- C:\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- C:\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{07CE4A6A-F06F-4366-AE9B-6E70BB89DE0B}" = lport=10243 | protocol=6 | dir=in | app=system |
"{09B82570-3BB2-402A-AABE-D38A6B9C3822}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0D8A82E3-FB25-467E-B5A7-30BE3D0DC581}" = lport=138 | protocol=17 | dir=in | app=system |
"{173F39C8-37A0-4F3F-86C0-D34CAB4451D3}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{1C69006A-2E0E-4382-93CB-948BFEF8FB41}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2788C89C-A771-4FE5-A147-51E6F92210B7}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2C661C94-A73C-4682-93F7-E6C0F9A26A1B}" = rport=138 | protocol=17 | dir=out | app=system |
"{32DDD508-5184-4D9A-9121-D4E6C8228179}" = rport=137 | protocol=17 | dir=out | app=system |
"{584342B5-BC81-409A-B236-17278483CD02}" = rport=139 | protocol=6 | dir=out | app=system |
"{5DA0A055-2572-4B08-AEB9-8B7F5BC99828}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A3EC03EB-F404-4C85-A112-C926F3C1601C}" = lport=2869 | protocol=6 | dir=in | app=system |
"{A75C3297-EC91-4445-BDAC-B0500CEF650E}" = lport=137 | protocol=17 | dir=in | app=system |
"{AA31B417-EE46-4EFF-8885-12524BD02158}" = lport=139 | protocol=6 | dir=in | app=system |
"{B6129F98-5342-4BD7-A045-2C3D171406AB}" = rport=10243 | protocol=6 | dir=out | app=system |
"{C72611AF-2000-49D5-B768-91B00989F67D}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{D8AC4681-D0AD-47B1-8D2F-A2C27617607C}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{DCAB2756-7503-4795-A1B6-FF834279B9B5}" = lport=445 | protocol=6 | dir=in | app=system |
"{E774DC70-4AC2-479C-B161-FC99184EE300}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{EE8ADA95-22C5-4DC6-84AA-9D36EA4DBFA3}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F40EB487-BC14-43AB-84BA-E8ADF8011404}" = rport=445 | protocol=6 | dir=out | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{16E42212-A15C-48CE-9073-508FEAEFE664}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{20F2D4B7-19A5-40A8-9291-F0879CBE9A2F}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{21D7F792-EAA0-4AA6-B5C6-9253918B18B9}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{281EB8C8-643F-4D98-BDAC-8D05A552D952}" = dir=in | app=d:\itunes.exe |
"{2A8F1A49-2850-47AB-973E-E11E73AF44DA}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{2CF5B874-02FD-4478-8C89-5818B91AC8E1}" = protocol=17 | dir=in | app=c:\program files\voipdiscount.com\voipdiscount\voipdiscount.exe |
"{30F3FA6C-0344-4AF4-8A9F-5C5E55244046}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{35840F05-D87F-4E77-97FE-A5E8CC03AA01}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{3A6474B3-ECBB-4689-96FF-F219E59BD076}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{3C4F0119-CFB6-419D-B9DF-24AD0F821FF6}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{4380B52E-A787-4603-B21F-5B24E7DB0A85}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{445749A4-9740-4F97-97A0-30B63B13257B}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{4A6A3898-B9AA-4043-9676-76A9592FA5BC}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{4BC170A8-5160-4FFB-A6A3-2201BBB02492}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4CEA9209-D265-4DC4-BEF2-ED3342489566}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{4D9A4AE1-138F-4A3E-8873-6662FA533DA5}" = protocol=6 | dir=in | app=c:\program files\voipdiscount.com\voipdiscount\voipdiscount.exe |
"{649876CF-55C5-4A59-B13F-CF0F09DFEB72}" = dir=in | app=c:\program files\common files\mcafee\mna\mcnasvc.exe |
"{66524954-1A7D-4521-9E16-CAB4A754C040}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6C3A9DE7-C491-40DD-914B-711BEBDE37EF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8A838FA0-C956-4EA6-9F9F-6A48CF5B82FD}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8B363943-F519-4943-88A3-C62E618978B6}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{9EE09123-FC48-4462-A1B9-ACA39B7D3CE3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{B3C5D727-2D1F-4BEB-BAE5-3FBBF06FC7BB}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{BC00ECA8-E002-43F2-82CF-89BDDDA5A2C8}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C30F3283-D4EC-48E8-8444-4A18B0D56BC1}" = protocol=6 | dir=out | app=system |
"{C5B226B3-994D-4D8B-9E9F-CD7741B7F5FA}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D449E915-CCCB-415F-998E-929C10BCC103}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{D97A9791-AC34-40BA-AFE0-50961854AF61}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{E88E1CC0-09DE-492B-B589-34F587550CE6}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{ED7BA02F-87B6-4115-AA41-66918D696096}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{FB7FB1F5-6B68-43B2-8843-4CAB94688883}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"TCP Query User{22ADB944-B67E-4388-85BC-338DF4F4341C}C:\program files\spyware terminator\spywareterminatorupdate.exe" = protocol=6 | dir=in | app=c:\program files\spyware terminator\spywareterminatorupdate.exe |
"TCP Query User{3E71F2AB-8143-47D8-A547-F66AA69C3C2D}C:\program files\spyware terminator\spywareterminatorupdate.exe" = protocol=6 | dir=in | app=c:\program files\spyware terminator\spywareterminatorupdate.exe |
"TCP Query User{408E1988-6D15-424C-96FF-D9EF96471740}D:\hotsync.exe" = protocol=6 | dir=in | app=d:\hotsync.exe |
"TCP Query User{40AC4BD8-B0F0-4897-8876-F4A12EAFD6FB}C:\program files\icq7.2\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe |
"TCP Query User{6D6B22E1-3F93-4F66-BE36-84197EBAF7CF}D:\hotsync.exe" = protocol=6 | dir=in | app=d:\hotsync.exe |
"TCP Query User{8721F485-62E5-46DB-B40A-0460E2163EA2}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe |
"TCP Query User{9DF7F28C-F068-4F21-99C9-315E5984801F}C:\program files\voipdiscount.com\voipdiscount\voipdiscount.exe" = protocol=6 | dir=in | app=c:\program files\voipdiscount.com\voipdiscount\voipdiscount.exe |
"TCP Query User{9E5B76CC-0CB6-4803-9799-83B48A3A68E7}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"TCP Query User{AD5105DD-7E38-41D5-ABC6-285E61612EDB}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe |
"UDP Query User{373D7826-9BB6-4B0D-81DA-83CBC64B18C0}C:\program files\spyware terminator\spywareterminatorupdate.exe" = protocol=17 | dir=in | app=c:\program files\spyware terminator\spywareterminatorupdate.exe |
"UDP Query User{385D0C3C-C9BF-4AAE-AB00-35FEEEE51B7F}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe |
"UDP Query User{47FADEE7-4440-4D03-8F1E-705760EE965F}C:\program files\icq7.2\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe |
"UDP Query User{68E6AE18-B636-4F7E-8D91-75B7ED3A6B35}C:\program files\spyware terminator\spywareterminatorupdate.exe" = protocol=17 | dir=in | app=c:\program files\spyware terminator\spywareterminatorupdate.exe |
"UDP Query User{CE1BE129-7050-4F91-8A2F-DA1230557270}D:\hotsync.exe" = protocol=17 | dir=in | app=d:\hotsync.exe |
"UDP Query User{D5604953-DFDC-404D-9B26-4353384C0D3C}D:\hotsync.exe" = protocol=17 | dir=in | app=d:\hotsync.exe |
"UDP Query User{D82358CE-F86D-4F9A-923D-5F05DF9E444F}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe |
"UDP Query User{E8D8381F-920C-4793-9B2D-E9E7F477184B}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{F0CDC56D-1B83-4C1E-8AC6-B2295AFDEB7D}C:\program files\voipdiscount.com\voipdiscount\voipdiscount.exe" = protocol=17 | dir=in | app=c:\program files\voipdiscount.com\voipdiscount\voipdiscount.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00AF10C1-44BD-4862-9D7F-24E6BA3E87FD}" = imagine digital freedom - Samsung
"{028ED9C4-25EE-4DEE-9CF4-91034BC89B18}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = WIDCOMM Bluetooth Software 6.0.1.6300
"{04983D37-2202-4295-94A2-8B547C66133F}" = Atheros WLAN Client
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{07629207-FAA0-4F1A-8092-BF5085BE511F}" = Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch)
"{090962E2-4BE8-4A8A-86B0-7A5ED31C1273}" = USB2.0 UVC WebCam
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}" = Samsung Recovery Solution III
"{17283B95-21A8-4996-97DA-547A48DB266F}" = Easy Display Manager
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1E0D8F69-A6AB-4934-9B2D-159D9F97BA4A}" = ParetoLogic DriverCure
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 13
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{32A3A4F4-B792-11D6-A78A-00B0D0160130}" = Java(TM) SE Development Kit 6 Update 13
"{32D6A58F-9659-446C-BBFC-E6F2B41F24DC}" = Samsung Magic Doctor
"{36BEAD11-8577-49AD-9250-E06A50AE87B0}" = Microsoft SOAP Toolkit 2.0 SP2
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{4cb9f93c-9edc-4be9-ae61-af128ddbecfa}" = Business Contact Manager für Outlook 2007 SP2
"{4EA8EA5D-8E46-4698-9BF7-2F2AD8E1C185}" = Easy Network Manager 3.0
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype™ 5.3
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5BF5F9C5-E95B-4AFA-94BE-F2A9CA73B61D}" = Apple Mobile Device Support
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{685707A4-911C-468D-BFC4-64A50E5E3A0C}" = Samsung Update Plus
"{6F730513-8688-4C3C-90A3-6B9792CE2EF3}" = Easy Battery Manager
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7B46F9CF-CF60-492E-816E-95EB1A9D1BB4}" = Play Camera
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_PROPLUS_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_PROPLUS_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_PROPLUS_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_PROPLUS_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_PROPLUS_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_PROPLUS_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_PROPLUS_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_PROPLUS_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_PROPLUS_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90280407-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional mit FrontPage
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{90A40407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{955597D8-E5E1-474D-B647-60AC44566D24}" = Play AVStation
"{998D6972-F58E-479D-9248-8F179E55AE38}" = Java DB 10.4.1.3
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A8DB611A-D80E-450D-85F6-3ACDD164BE31}" =
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AC76BA86-7AD7-1031-7B44-A91000000001}" = Adobe Reader 9.1 - Deutsch
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Toolbars
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player
"{BA5F3E0E-8F3E-47BD-88E4-AD3EB5225F51}" = Intel(R) PROSet/Wireless WiFi-Software
"{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}" = User Guide
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{EF367AA4-070B-493C-9575-85BE59D789C9}" = Easy SpeedUp Manager
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F46E21DF-5BE1-48E2-8390-5EEA8B25E36A}" = Microsoft SQL Server Native Client
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FDE96E86-7780-431C-92F7-679C6A7CEC51}" = Microsoft SQL Server VSS Writer
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"Audiograbber" = Audiograbber 1.83 SE
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Bullzip PDF Printer_is1" = Bullzip PDF Printer 6.0.0.766
"Business Contact Manager" = Business Contact Manager für Outlook 2007 SP2
"CameraWindowDC" = Canon Utilities CameraWindow DC
"CameraWindowDVC6" = Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX
"CameraWindowLauncher" = Canon Utilities CameraWindow
"CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX
"Canon Internet Library for ZoomBrowser EX" = Canon Internet Library for ZoomBrowser EX
"CCleaner" = CCleaner
"Citavi" = Citavi 2.5
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"EPSON Printer and Utilities" = EPSON-Drucker-Software
"EPSON Scanner" = EPSON Scan
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9.35.324
"GPL Ghostscript Lite_is1" = GPL Ghostscript Lite 8.64
"ICQToolbar" = ICQ Toolbar
"InstallShield_{4EA8EA5D-8E46-4698-9BF7-2F2AD8E1C185}" = Easy Network Manager 3.0
"InstallShield_{685707A4-911C-468D-BFC4-64A50E5E3A0C}" = Samsung Update Plus
"InstallShield_{7B46F9CF-CF60-492E-816E-95EB1A9D1BB4}" = Play Camera
"InstallShield_{955597D8-E5E1-474D-B647-60AC44566D24}" = Play AVStation
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"Mozilla Firefox (3.6.17)" = Mozilla Firefox (3.6.17)
"MSC" = McAfee SecurityCenter
"MyCamera" = Canon Utilities MyCamera
"MyCameraDC" = Canon Utilities MyCamera DC
"NVIDIA Drivers" = NVIDIA Drivers
"Picasa 3" = Picasa 3
"PokerStars" = PokerStars
"ProInst" = Intel PROSet Wireless
"PROPLUS" = Microsoft Office Professional Plus 2007
"RemoteCaptureTask" = Canon Utilities RemoteCapture Task for ZoomBrowser EX
"SecureW2 EAP Suite" = SecureW2 EAP Suite 1.1.3 for Windows
"SecureW2 TTLS Client" = SecureW2 TTLS Client 3.3.3 for Windows
"ShockwaveFlash" = Adobe Flash Player 9 ActiveX
"Spyware Terminator_is1" = Spyware Terminator
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VLC media player 0.9.8a
"VoipDiscount_is1" = VoipDiscount
"WinRAR archiver" = WinRAR
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
"ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Mixxx (1.8.2)" = Mixxx 1.8.2
========== Last 10 Event Log Errors ==========
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
< End of report >
Geändert von bärtiger (12.05.2011 um 08:40 Uhr) |
| Themen zu Einschätzung otl-log |
| 0x00000001, 4d36e972-e325-11ce-bfc1-08002be10318, alternate, antivir, audiograbber, autorun, avgntflt.sys, avira, bho, bonjour, c:\windows\system32\rundll32.exe, canon, converter, ebay.de, error, excel.exe, firefox, format, frage, google, home, install.exe, location, logfile, microsoft office 2003, microsoft office word, mozilla, mozilla thunderbird, mp3, nvlddmkm.sys, object, office 2007, oldtimer, otl-log, picasa, plug-in, realtek, registry, rundll, scan, searchplugins, security update, server, software, sptd.sys, spyware, spyware terminator, start menu, svchost.exe, vista, wrapper |
Baum-Darstellung